sprouting.cloud/ansible_role_package
Public Access
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
9a9d2b2eb1a9bc0aed51f1688e20386289573919
ansible_role_package/files/caddy/caddy.yml
Matthew Stobbs 333ee4c3f5 make the packages role more generic
2025-01-18 09:24:11 -07:00

105 lines
2.2 KiB
YAML
Raw Blame History

# Install and configure caddy reverse proxy
---
- name: create caddy group
become: true
ansible.builtin.group:
name: "{{ caddy.group | default('caddy') }}"
state: present
system: true
tags:
- http
- caddy
- proxy
- user_group
- name: create caddy user
become: true
ansible.builtin.user:
comment: caddy server user
create_home: true
group: "{{ caddy.group | default('caddy') }}"
name: "{{ caddy.user | default('caddy') }}"
state: present
system: true
password_lock: true
shell: /sbin/nologin
tags:
- http
- caddy
- proxy
- user_group
- name: install caddy binary
become: true
ansible.builtin.copy:
dest: /usr/local/bin/caddy
group: root
owner: root
mode: '0755'
setype: bin_t
src: caddy/caddy
tags:
- http
- caddy
- proxy
- binary
- name: install caddy systemd service
become: true
ansible.builtin.template:
backup: true
dest: /etc/systemd/system/caddy.service
group: root
owner: root
mode: '0640'
setype: systemd_unit_file_t
src: caddy/caddy.service.j2
vars:
domain_name: "{{ nextcloud.domain_name }}"
user: "{{ caddy.user | default('caddy') }}"
group: "{{ caddy.group | default('caddy') }}"
envfile: "{{ caddy.envfile | default(omit) }}"
cmdpath: /usr/local/bin/caddy
extra_args: --environ
configfile: "{{ caddy.configfile | default('/etc/caddy/Caddyfile') }}"
timeout: 5s
capabilities: CAP_NET_ADMIN CAP_NET_BIND_SERVICE
tags:
- http
- caddy
- proxy
- service
- config
- name: install Caddyfile
become: true
ansible.builtin.template:
backup: true
dest: /etc/caddy/Caddyfile
group: "{{ caddy.group | default('caddy') }}"
owner: "{{ caddy.user | default('caddy') }}"
mode: '0640'
setype: etc_t
src: caddy/Caddyfile.j2
tags:
- http
- caddy
- proxy
- config
- name: install .env file
become: true
when:
- caddy.env_vars is defined
- caddy.envfile is defined
ansible.builtin.copy:
dest: "{{ caddy.envfile }}"
group: root
owner: root
mode: '0600'
setype: etc_t
content: |
{{ caddy.env_vars }}
tags:
- caddy
Reference in New Issue View Git Blame Copy Permalink